Articles → MICROSOFT AZURE → Identity Protection In Microsoft Azure

Identity Protection In Microsoft Azure

In this article, we will discuss identity protection in Microsoft Azure.

What Is Identity Protection?

Identity protection in Azure is a tool that automates the detection and remediation of risk.

There are two categories of risks: -

Risk	Description
User risk	When the account credentials of the user are compromised then the risk comes under the user risk category
Sign-in risk	When the request does not come from the authenticated user then the risk comes under the sign-in risk category. For example, if a request comes from one location and after 5 minutes the request is coming from another location for the same identity, then this is a sign-in risk

There are three different parameters while configuring the user risk or the sign-in risk: -

Risk	Description
User	This parameter specifies whether the identity protection applies to a specific user or a group of users
Risk level	What is the level of the risk? There are 3 levels of risk i.e., High, Medium, and above, Low, and above
Action	What action should be taken when the risk is encountered?

To access the identity protection module, go to "Azure Active Directory" → "Security" → "Identity Protection".

To configure the user risk policy, click on the "User risk policy" link (see the screenshot above). The first parameter is Users.

Click to Enlarge

The second parameter is the risk level.

Click to Enlarge

The third parameter is action.

Click to Enlarge

Click on the "Save" button to save the changes. Similarly, you can configure a sign-in risk policy as well.

Query/Feedback